mcp-server-redis
pypi:mcp-server-redis@0.1.1
Severity breakdown
Worst finding
Tool `set_value` name implies a side effect that is not declared
· set_value
`set_value` looks like a side-effecting tool (its name contains a mutation verb), but its `side_effects` declaration is []. A policy synthesizer cannot produce safe rules for this tool because it cannot tell what it actually does.
fix: Declare the tool's true side effects explicitly. If the tool is genuinely read-only, rename it to match (e.g. `email.preview` rather than `email.send`).
All 2 findings
- highTool `set_value` name implies a side effect that is not declared· set_valueexcessive agency
`set_value` looks like a side-effecting tool (its name contains a mutation verb), but its `side_effects` declaration is []. A policy synthesizer cannot produce safe rules for this tool because it cannot tell what it actually does.
fix: Declare the tool's true side effects explicitly. If the tool is genuinely read-only, rename it to match (e.g. `email.preview` rather than `email.send`).
- highTool `delete_key` name implies a side effect that is not declared· delete_keyexcessive agency
`delete_key` looks like a side-effecting tool (its name contains a mutation verb), but its `side_effects` declaration is []. A policy synthesizer cannot produce safe rules for this tool because it cannot tell what it actually does.
fix: Declare the tool's true side effects explicitly. If the tool is genuinely read-only, rename it to match (e.g. `email.preview` rather than `email.send`).
How this was scored
Source registry — tool surface extracted from the package's README + manifest (R3/R5/R6/R7 fire; schema-dependent rules deferred). Findings are emitted by the public capframe.findings.v1 schema. Score = 100 − (10·Critical + 4·High + 2·Medium + 1·Low), clamped to [0, 100].
Disagree with a finding? Open an issue.